Bug 611590 – gjs_callback_from_arguments accesses argv out of bounds

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 611590 - gjs_callback_from_arguments accesses argv out of bounds


Summary:	gjs_callback_from_arguments accesses argv out of bounds


Status:	RESOLVED FIXED

Product:	gjs
Classification:	Bindings
Component:	general
Version:	unspecified
Hardware:	Other All

Importance:	Normal normal
Target Milestone:	---
Assigned To:	gjs-maint
QA Contact:	gjs-maint

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2010-03-02 12:56 UTC by Tommi Komulainen
Modified:	2010-03-02 22:20 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
gi: assert gjs_callback_from_arguments doesn't access argv out of bounds (3.03 KB, patch) 2010-03-02 12:56 UTC, Tommi Komulainen	none	Details \| Review
gi: do not collect user_data argument(s) for callbacks when not passed (1.05 KB, patch) 2010-03-02 14:08 UTC, Tommi Komulainen	none	Details \| Review

Description Tommi Komulainen 2010-03-02 12:56:36 UTC

Adding some assertions makes it clear. In practice it might work
deterministically, but I don't think it's good practice.

Comment 1 Tommi Komulainen 2010-03-02 12:56:38 UTC

Created attachment 155032 [details] [review]
gi: assert gjs_callback_from_arguments doesn't access argv out of bounds

Comment 2 Tommi Komulainen 2010-03-02 14:08:45 UTC

Created attachment 155037 [details] [review]
gi: do not collect user_data argument(s) for callbacks when not passed

I'm not entirely sure if the logic is completely correct here. make check
passes, though.

Comment 3 Johan (not receiving bugmail) Dahlin 2010-03-02 14:34:54 UTC

Review of attachment 155037 [details] [review]:

API breakage but should be okay. Missing tests!

Comment 4 Tommi Komulainen 2010-03-02 14:42:14 UTC

There are tests already. The first patch makes it fail, the latter fixes it. From what I can tell the original code was using an uninitialized value as argument and I don't believe that was intended API. Or maybe the value (argv[argv]) is deterministically initialized but I don't know immediately what value that might be.

Comment 5 Johan (not receiving bugmail) Dahlin 2010-03-02 15:51:38 UTC

Sure, sounds good then, just commit it.